Vendor/Supplier Management Strategy

Do your Vendors and Suppliers access your network? Does your company have a minimum security posture your Vendors and Suppliers must maintain? This offering will assist your company in establishing the correct level of business risk. Click hereto download pdf brochure.

	The Quick Read Most companies are dependent on exchanging data with vendors and suppliers yet do not have a strategy for this critical business risk Maintaining a secure supply chain is a critical need of most large companies This offering can quickly provide a strategy and remediation plan Click Here to download Vendor/Supplier Management Strategy (pdf)

Who Needs a Vendor / Supplier Management Strategy?

	Any company that accepts or shares data via web-based applications with vendors, suppliers or end-user customers
	Any company that relies on their vendors/suppliers to maintain a security posture at least as secure as their own
	You do if your company has not yet established a strategy for ensuring that your vendors and suppliers are not currently putting your business at risk

What is a Vendor/Supplier Management Strategy?

The scope of our Vendor/Supplier Management Strategy includes a detailed examination of all of your company’s business processes that involve 3rd party vendors, suppliers or customers. After mapping the business processes our team of trained consultants will overlay our knowledge of key security vulnerabilities, review all the external access points, and interview a sampling of current vendors and suppliers. Our team will then prepare a recommended strategy and implementation plan for encouraging all of your vendors and suppliers to maintain an acceptable level of security based on the needs of your business and the level of access needed by your vendors.

	Identify your vendors and suppliers		Map all of the touch points to your corporate network
	Examine the access points for potential security flaws		Develop a security strategy

Vendor/Supplier Management Strategy Engagement Process and Deliverables

After an initial call, the Arsenal Security Group Senior Information Security Professional will prepare a statement of work within 2 days and we normally can begin an engagement within two weeks. During the engagement we will use interviews, questionnaires, physical tours and technical tools to develop our assessment. We usually use 1-2 consultants in tandem with our Senior Information Security Professional to complete an engagement. We will provide an executive summary, a detailed report with all of our findings and recommendations, and a final onsite presentation. Our engagement is not complete until all of our deliverables have been reviewed and accepted by our client.

About Arsenal Security Group
Arsenal Security Group is a security consulting firm that is focused on close client coordination and collaboration. From the initial meeting through the final presentation, one of Arsenal Security Group’s Senior Information Security Professionals will be the primary contact for all engagement activities.We proactively conduct weekly calls with our client when engaged and meet with clients on a quarterly basis to review and understand their security posture – even when we are not actively engaged on assignment to ensure they are aware of new security risks or regulatory changes they may impact their business.